Pop-up ad
Pop-up ads or pop-ups are forms of online advertising on the World Wide Web. A pop-up is a graphical user interface (GUI) display area, usually a small window, that suddenly appears ("pops up") in the foreground of the visual interface. The pop-up window containing an advertisement is usually generated by JavaScript that uses cross-site scripting (XSS), sometimes with a secondary payload that uses Adobe Flash. They can also be generated by other vulnerabilities/security holes in browser security. A variation on the pop-up window, the pop-under advertisement, opens a new browser window under the active window. Pop-unders do not interrupt the user immediately, but appear when the user closes the covering window, making it more difficult to determine which website created them. History Pop-up ads originated on the Tripod.com webpage hosting site in the late 1990s. JavaScript provided the capability for a web page to open another window. Ethan Zuckerman claims he used that capability to launch advertisements in separate windows as a response to complaints from advertisers about their ads appearing on pages with sexual content. Zuckerman later apologized for the unforeseen nuisance pop-up ads had evolved into. Pop-up blocking Web development and design technologies allow an author to associate any item on a pop-up with any action, including with a cancel or innocent looking button. Because of bad experiences and apprehensive of possible damage that they may cause, some users do not click on or interact with any item inside a pop-up window whatsoever, and may leave the site that generated them or block all pop-ups. Opera was the first major browser to incorporate tools to block pop-up ads; the Mozilla browser later improved on this by blocking only pop-ups generated as the page loads. In the early 2000s, all major web browsers except Internet Explorer let users block unwanted pop-ups almost completely. In 2004, Microsoft released Windows XP SP2, which added pop-up blocking to Internet Explorer. Most modern browsers provide pop-up blocking tools; third-party tools add other features, such as ad filtering. Fake close buttons Users of websites and web applications continuously experience unwanted pop up ads through the course of their normal interaction with a web browser. Ordinarily, users respond by dismissing the pop-up through the "close" or "cancel" feature of the window hosting the pop-up. Because this is a typical response, some authors of pop-up advertising depend on this, and create on-screen buttons or controls that look similar to a "close" or "cancel" option. When the user chooses one of these "simulated cancel" options, however, the button performs an unexpected or unauthorized action (such as opening a new pop-up, or downloading an unwanted file on the user's system). Circumventing pop-up blockers A hover ad or in-page pop-up uses DHTML to combine a banner ad and a pop-up window that appears in front of the browser screen. JavaScript imposes an advertisement over a webpage in a transparent layer. This advertisement can appear in a variety of forms. For example, an advertisement can contain an Adobe Flash animation that links to the advertiser's site. An advertisement can also look like a regular window. Pop-up blockers cannot block the ad because it is a part of the webpage, but it can be blocked with third-party ad blockers such as AdBlock and Adblock Plus, or by using custom style sheets. URL redirection URLs are sometimes redirected to advertisement pages by URL redirection. URLs are sometimes opened in a new tab and then the content of the old background tab will be replaced with an advertisement page by URL redirection, other times it switches the tab the user is on to the advertisement tab. Adblock Plus, uBlock and NoScript cannot block these redirects. Techniques "Pop-ups" * Certain types of downloaded content, such as images, free music, and others, can cause pop-ups, and therefore should not be trusted, especially pornographic sites' pop-ups (known as a "pornado" or "porn-storm", as coined by John C. Dvorak.) Also, the pop-ups sometimes look like ordinary web pages, and the name of the site shows up in a search bar. Many websites use pop-ups to display information without disrupting the page currently open. For example, they may provide needed extra guidance when filling in a form on a web page, without causing loss of any information already entered into the form. Most pop-up blockers allow this kind of pop-up. Some, however, reload the page, losing any information the user entered. *Some web based installers, such as that used by McAfee, use a pop-up to install software. *On many internet browsers, holding down the ctrl key while clicking a link makes it bypass the popup filter. *Clicking (even accidentally) on one pop-up may open other pop-up ads. Pop-under ads Pop-under ads are similar to pop-up ads, but the ad window appears hidden behind the main browser window rather than superimposed in front of it. As pop-up ads became more widespread and more intrusive, often taking up whole computer screen, many users would immediately close the pop-up ads that appeared over a site without looking at them. Pop-under ads do not immediately impede the view of content, but remain unnoticed until the user closes or minimizes the main browser window. Pop-under ad technology A pop-under ad involves two JavaScript functions introduced in 1997 with the Netscape 2.0B3 browser. Modern web publishers and advertisers use it to create a window in front of the users screen, load an advertisement, and then send it behind the screen. // create a new window in front of the current site window.open( URL, windowNamewindowFeatures ); // push the loaded advertisement back behind the browser window.focus(); Most modern browsers allow window.open to execute only if it was called by a user interaction (e.g., a mouse click) event handler. Any non-interactive calls (timer callback, load events, etc.) to window.open result in the new window being blocked. To bypass this restriction, most pop-under ads trigger on a mouse click event listener attached directly to the document or the document's body. This enables catching all mouse click events that were not consumed by other click event handlers, and calling window.open without being blocked. For example, when the user selects a text, the mouse click triggers the mouse click handler attached to the document and a pop-under opens using the above code. Notice that there are more techniques to bypass the window.open call restriction by "hijacking" mouse clicks. Patent controversy ExitExchange.com filed for a patent in 2000 on a subset of pop-under advertising called an exit pop. After years of controversy and numerous articles on the pop-under patent, the patent was awarded by the United States Patent and Trademark Office (USPTO) in April and June 2008. The respective patent numbers are and . Patent 7,386,555 is related to the method of opening an exit pop from a toolbar or software application on a computing device, whereas Patent 7,353,229 covers the method used to open an exit pop from an embedded script found within a media file (e.g., JavaScript code on a web page). Copyright issues Copyright aspects of pop-up advertising are discussed in the Wikipedia articles Derivative works and Transformativeness. Both articles contain illustrations and links to examples of pop-up advertising. See also *''1-800 Contacts, Inc. v. WhenU.com, Inc., lawsuit between 1-800 Contacts and WhenU SaveNow over pop-up ad placement *Ad serving *Adware and Spyware *Direct marketing *In-session phishing *Interstitial webpage *List of pop-up blocking software *Malware *Messaging spam *Modal window *Ransomware *Malvertising *Technical Support Scam Notes *Adams, Cecil. "What's up with popup ads?". ''The Straight Dope. October 15, 2004. *Zabunov, S. "From Annoyance to Pleasure - The Artistic Popup Approach". May 12, 2006. *US Patent 7,386,555 "Post-session internet advertising system" *US Patent 7,353,229 "Post-session internet advertising system" References External links * How To Stop Internet Popups - entry in wikiHow * IAB Pop-Up Guidelines and Best Practice Category:Advertising by type Category:Digital marketing Category:Information technology management Category:Online advertising methods Category:Online advertising Category:Types of malware Category:Web 1.0